Vulnerabilities > Improper Certificate Validation

| Date | CVE | Vulnerability title | Attack vector | Complexity | Vendor | CWE | Risk score |
|---|---|---|---|---|---|---|---|
| 2025-05-07 | CVE-2025-20157 | A vulnerability in certificate validation processing of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper validation of certificates that are used by the Smart Licensing feature. | network | high complexity | | CWE-295 | 5.9 |
| 2025-05-07 | CVE-2025-3218 | IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to authentication and authorization attacks due to incorrect validation processing in IBM i Netserver. | network | low complexity | | CWE-295 | 5.4 |
| 2025-04-08 | CVE-2025-30000 | A vulnerability has been identified in Siemens License Server (SLS) (All versions < V4.3). | local | high complexity | | CWE-295 | 6.7 |
| 2025-02-10 | CVE-2025-1002 | Improper Certificate Validation vulnerability in Microdicom Dicom Viewer 2024.3. MicroDicom DICOM Viewer version 2024.03 fails to adequately verify the update server's certificate, which could make it possible for attackers in a privileged network position to alter network traffic and carry out a machine-in-the-middle (MITM) attack. | | high complexity | microdicom | CWE-295 | 5.3 |
| 2025-02-04 | CVE-2025-1014 | Improper Certificate Validation vulnerability in Mozilla Firefox. Certificate length was not properly checked when added to a certificate store. | network | low complexity | mozilla | CWE-295 | 8.8 |
| 2025-01-26 | CVE-2023-38009 | IBM Cognos Mobile Client 1.1 iOS may be vulnerable to information disclosure through man in the middle techniques due to the lack of certificate pinning. | | high complexity | | CWE-295 | 4.2 |
| 2025-01-07 | CVE-2024-40702 | IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow an unauthorized user to obtain valid tokens to gain access to protected resources due to improper certificate validation. | network | low complexity | | CWE-295 | 8.2 |
| 2024-12-18 | CVE-2024-47119 | IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client. | network | high complexity | | CWE-295 | 5.9 |
| 2024-11-22 | CVE-2023-51634 | Improper Certificate Validation vulnerability in Netgear Rax30 Firmware. NETGEAR RAX30 Improper Certificate Validation Remote Code Execution Vulnerability. | | high complexity | netgear | CWE-295 | 7.5 |
| 2024-11-02 | CVE-2024-51774 | Improper Certificate Validation vulnerability in Qbittorrent. qBittorrent before 5.0.1 proceeds with use of https URLs even after certificate validation errors. | network | high complexity | qbittorrent | CWE-295 | 8.1 |